1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Booking.com says typo bug can give strangers access to your whole

    From TechnologyDaily@1337:1/100 to All on Mon Dec 9 12:15:05 2024
    Booking.com says typo bug can give strangers access to your whole trip

    Date:
    Mon, 09 Dec 2024 12:02:00 +0000

    Description:
    Typing the wrong email address when using Booking.com could link your
    vacation to another users account.

    FULL STORY ======================================================================Booking. com apparently links reservations to accounts without any verification User finds typing the wrong email address could link your vacation to another account The company did not remove a false booking from one users account

    Travellers using Booking.com to pay for accommodation and transport have been warned about a simple typo bug that could see them share their private trip details with strangers, giving them access to sensitive information and even allowing them to take control over bookings.

    The issue came to light when a Booking.com user, named as Alfie, received an unexpected email confirming a trip that he hadnt booked.

    Although he exercised caution by not following links on the email, suspecting it was a phishing scam, the mysterious booking had been added to his account, confirming suspicions that the email was indeed from Booking.com. Watch out for this Booking.com bug

    After failing to receive an explanation from the companys support team, Alfie shared the story with Ars Technica which pressed Booking.com for answers.

    It was later revealed the problem occurred when another user had entered Alfies email address, presumably by accident, causing the reservation to link to his account. Booking.com has therefore stated the incident is neither a system glitch nor a security breach, however we now have questions about the robustness of Booking.coms system.

    Booking.com said (via Ars Technica ): Following our investigation, we found that the issue occurred due to a customer input error during the reservation process, where he inadvertently entered an incorrect email address. That
    email address, however, belonged to another Booking.com customer which caused the reservation to be linked to their account.

    Alfies experience highlights a worrying loophole where Booking.coms system automatically adds bookings to accounts via the email address provided, without any further verification, making it easy to inadvertently share private information with others and lose your own booking.

    Although the chances of typing a completely different email address are
    pretty slim, a single misplaced letter could direct the booking to another closely related email address.

    Moreover, Booking.com declined to remove the trip from Alfies account,
    stating that it would be a violation of the privacy of the user who actually booked the trip. You might also like Create secure accounts with the best password generators and best password managers Your Netflix account is not suspended how to avoid the latest SMS scam Consider using the best authentication apps



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/booking-com-says-typo-bug-can-give-stra ngers-access-to-your-whole-trip


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)